[issue42988] [security] CVE-2021-3426: Information disclosure via pydoc -p: /getfile?key=path allows to read arbitrary file on the filesystem
Miro Hrončok
report at bugs.python.org
Wed Mar 10 13:49:22 EST 2021
Miro Hrončok <miro at hroncok.cz> added the comment:
This is now CVE-2021-3426.
----------
title: [security] Information disclosure via pydoc -p: /getfile?key=path allows to read arbitrary file on the filesystem -> [security] CVE-2021-3426: Information disclosure via pydoc -p: /getfile?key=path allows to read arbitrary file on the filesystem
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue42988>
_______________________________________
More information about the Python-bugs-list
mailing list